<?php //ver.2011 0.1 - Eugenio Ghiglia <eugenio@blux.org> -
error_reporting(E_ALL ^ E_NOTICE); 
require('../../settings.php');
require('../../lib/class.db.php');
$email=$_notify_email;
$header = "";
$emailtext = ""; 
// Read the post from PayPal and add 'cmd' 
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {  
    $get_magic_quotes_exits = true; 
} 
foreach ($_POST as $key => $value) 
// Handle escape characters, which depends on setting of magic quotes 
{  
    if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1){  
        $value = urlencode(stripslashes($value)); 
    } else { 
        $value = urlencode($value); 
    } 
    $req .= "&$key=$value"; 
} 
// Post back to PayPal to validate 
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; 
$header .= "Content-Type: application/x-www-form-urlencoded\r\n"; 
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; 
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30); 
//$fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
 
// Process validation from PayPal 
// This sample does not test the HTTP response code. All 
// HTTP response codes must be handles or you should use an HTTP 
// library, such as cUrl 
 
if (!$fp) { 
    // HTTP ERROR 
    // mail($email, "HTTP ERROR IPN", "HTTP ERROR IPN");
} else { 
    // NO HTTP ERROR 
fputs ($fp, $header . $req); 
while (!feof($fp)) { 
    $res = fgets ($fp, 1024); 
    if (strcmp ($res, "VERIFIED") == 0) { 
        // Check the payment_status is Completed 
        // Check that txn_id has not been previously processed 
        // Check that receiver_email is your Primary PayPal email 
        // Check that payment_amount/payment_currency are correct 
        // Process payment 
        // If 'VERIFIED', send an email of IPN variables and values to the 
        // specified email address 
        foreach ($_POST as $key => $value){ 
        $emailtext .= $key . " = " .$value ."\n"; 
        } 
        mail($email, "Live-VERIFIED IPN [txn_id ".$_POST['txn_id']."]", $emailtext . "\n\n" . $req); 
        
        if ($_POST['payment_status']=='Completed') { // payment_status = Completed
            if ($_POST['txn_type']=='web_accept') { // txn_type = web_accept
        
                $db = new Db();
                $db->type=$db_type;
                if (!$db->connetti($_db_host, $_db_user, $_db_psw, $_db_name)) {
                    die("Errore nella connessione al DB");
                }
        
                // -->txn_id = 372181733 <--
                // Att.ne: potrebbe accadere che lo stesso txn_id venga processato
                // più volte da paypal. Quindi se non voglio ritoccare il record con
                // l'update devo verifica che non sia già stato processato
                
                // *** qui aggiorno ***
                $id_annuncio=$_POST['item_number'];
                $sql="UPDATE tbl_annunci SET pagato='1',
                        id_transazione='".$_POST['txn_id']."'
                      WHERE id_annuncio='$id_annuncio'
                        AND da_pagare='1'
                        AND pagato='0'
                        AND attivo='0'
                        AND scaduto='0'";
                $db->sql($sql);
                $db->disconnetti();
            }
        } 
        // altri stati possibili: Pending Denied

    } else if (strcmp($res, "INVALID") == 0) { 
        // If 'INVALID', send an email. (Log for manual investigation.) 
        foreach ($_POST as $key => $value){ 
        $emailtext .= $key . " = " .$value ."\n"; 
        } 
        mail($email, "Live-INVALID IPN [txn_id ".$_POST['txn_id']."]", $emailtext . "\n\n" . $req); 
    }    
} 
fclose ($fp);
}
?>
